• Corpus ID: 55427400

Mitigating BYOD Information Security Risks

  title={Mitigating BYOD Information Security Risks},
  author={Daniel Arregui and Sean B. Maynard and Atif Ahmad},
Organisations that allow employees to Bring Your Own Device (BYOD) in the workplace trade off the convenience of allowing employees to use their own device against higher risks to the confidentiality, integrity, and availability of organisational information assets. While BYOD is a well-defined and accepted trend in some organisations, there is little research on how policies can address the information security risks posed by BYOD. This paper reviews the extant literature and develops a… 

Tables from this paper

Theoretical Bases of Identifying Determinants of Protection Intentions towards Bring - Your-Own-Device (BYOD) Protection Behaviors
In this paper, the appropriate theories and models are presented to derive a set of validated determinants of protection intentions towards the protection behaviors of BYOD.
BYOD in Hospitals-Security Issues and Mitigation Strategies
The mitigation strategy elucidates that while information and communication technologies allow better enforcement of security measures; policies and training provide the desired guidance to influence positive user behaviour among employees and hence provides systematic guidelines to curb BYOD security risks in hospitals.
Characterising Risk Factors and Countermeasures for Risk Evaluation of Bring Your Own Device Strategy
The derived characteristics are crucial toward achieving realistic risk evaluation process in BYOD strategy and opened more research directions as the risks circumscribing the strategy continue to emerge as global security challenge to vital information assets.
The bring‐your‐own‐device unintended administrator: A perspective from Zimbabwe
As bring your own device (BYOD) becomes part of workplace tools for employees in Zimbabwe, the responsibility to implement information security management methods, which was traditionally confined to
A snapshot analysis of publicly available BYOD policies
A ‘snapshot’ of a sample of publicly available BYOD policies was analysed to determine if the documents were adequately addressing the issue of BYODs reaching end of life; being discarded, sold, stolen or a combination of these.
A study on e-commuting: Alleviating technical and mobility threats in a BYOD-enabled banking environment in Nigeria
The study found threats that overlap both technical and mobility domains and the existing security measures were found to be inadequate to alleviate those overlapping threats, and recommends possible solutions to limit these security threats.
An Assessment of BYOD Control in Higher Learning Institutions: A Namibian Perspective
Assessment of the extent of adoption of BYOD and effectiveness of controlling these devices and their secure use in Namibian institutions of higher learning confirmed that technical security solutions combined with explicit policies and procedures can help to improve BYOD control.
Bring-Your-Own-Device Usage Trends in Australian Hospitals – A National Survey
This paper provides a starting point for better understanding of BYOD usage in a complex healthcare environment based on empirical evidence, one which highlights the security-usability conundrum, confirming previous literature themes.
Security in Decentralised Computing, IoT and Industrial IoT
This chapter explores the security issues and challenges in IIoT and addresses how Decentralised Computing is an approach to implement Cloud Architecture and IoT infrastructure, and how Cloud and IoT security concerns affect the deployment of a decentralised architecture.
Industrial IoT: Challenges, Design Principles, Applications, and Security
In this book, the editor aims at presenting the IIoT and its place during the industrial revolution (Industry 4.0), while they are taking us to a better, sustainable, automated and safer world.


The aim of this work is to provide various mobility strategies, defences and measures, control aspect, management and governance aspect to look forth in implementing a BYOD strategy in an organization.
BYOD security engineering: A framework and its analysis
An information-centric approach to data security in organizations
A model that is both media-independent and information-centric is presented, allowing organizations to pursue an integrated methodology towards analysing risks and providing information protection across all types of media.
An Approach to Implement Bring Your Own Device (BYOD) Securely
An approach is explained to guard against this type of threat and to secure the corporate data even outside the corporate premises.
Bring your own device security issues and challenges
This paper summarizes threats and attacks on BYODs and reveals their security issues and challenges, and presents a BYOD security framework that provides guidance for enterprises when adopting BYods.
BYOD: Security and Privacy Considerations
Clearly, there are several important advantages for employees and employers when employees bring their own devices to work. But there are also significant concerns about security privacy. Companies
The CERT Guide to Insider Threats: How to Prevent, Detect, and Respond to Information Technology Crimes
The CERT Guide to Insider Threats describes CERTs findings in practical terms, offering specific guidance and countermeasures that can be immediately applied by executives, managers, security officers, and operational staff within any private, government, or military organization.
The state of information security
  • M. Potts
  • Computer Science
    Netw. Secur.
  • 2012